package com.zyht.website.controller;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import com.wx.util.Md5Encrypt;
import com.zyht.common.AbsManageBaseController;
import com.zyht.website.entity.SysUser;
import com.zyht.website.shiro.PermissionUtils;

/**
 * 权限管理
 * 
 * @author dingyaming
 *
 */
@Controller
@RequestMapping("/admin/auth")
public class AuthController extends AbsManageBaseController {

	@RequestMapping("/pwdindex")
	@RequiresPermissions(value = {"admin:auth:pwdindex"})
	public String passwordPage(){

		return "/admin/auth/pwdindex";
	}

	@RequestMapping("/repwd")
	@RequiresPermissions(value = {"admin:auth:repwd"})
	public String modifyPassword(String oldPassword,String password,String rePassword,Model model,HttpServletRequest request){

		SysUser user = PermissionUtils.getUser();
		if(user != null){
			if(!Md5Encrypt.md5(oldPassword).equals(user.getPassword())){
				model.addAttribute("redirect","pwd");
				model.addAttribute("msg","原密码错误，修改失败");
				return "message";
			} else if(!password.equals(rePassword)){
				model.addAttribute("redirect","pwd");
				model.addAttribute("msg","两次密码不一致，修改失败");
				return "message";
			} else if(password.length() < 6 || password.length() > 16){
				model.addAttribute("redirect","pwd");
				model.addAttribute("msg","密码长度应该在6-16之间");
				return "message";
			}

			if(oldPassword.equals(password)){
				model.addAttribute("redirect","pwd");
				model.addAttribute("msg","新密码不要和原密码相同");
				return "message";
			}
			String newPwd = Md5Encrypt.md5(password);

		} else{
			model.addAttribute("redirect","pwd");
			model.addAttribute("msg","登录用户错误");
			return "message";
		}
		model.addAttribute("redirect","admin/login/logout");
		model.addAttribute("msg","密码修改成功，请重新登录");
		return "message";
	}
}
